(19)
(11) EP 1 308 821 A3

(12) EUROPEAN PATENT APPLICATION

(88) Date of publication A3:
17.03.2004 Bulletin 2004/12

(43) Date of publication A2:
07.05.2003 Bulletin 2003/19

(21) Application number: 02019473.4

(22) Date of filing: 30.08.2002
(51) International Patent Classification (IPC)7G06F 1/00
(84) Designated Contracting States:
AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR
Designated Extension States:
AL LT LV MK RO SI

(30) Priority: 30.10.2001 JP 2001332701

(71) Applicant: Hitachi, Ltd.
Chiyoda-ku, Tokyo 101-8010 (JP)

(72) Inventors:
  • Aoshima, Hirokazu, Hitachi, Ltd., Int. Prop. Group
    Chiyoda-ku, Tokyo 100-8220 (JP)
  • Kaji, Tadashi, Hitachi, Ltd., Int. Prop. Group
    Chiyoda-ku, Tokyo 100-8220 (JP)
  • Matsushima, Hitoshi, Hitachi,Ltd., Int.Prop.Group
    Chiyoda-ku, Tokyo 100-8220 (JP)
  • Umezawa, Katsuyuki, Hitachi,Ltd., Int.Prop.Group
    Chiyoda-ku, Tokyo 100-8220 (JP)
  • Yoshiura, Hiroshi, Hitachi,Ltd., Int.Prop.Group
    Chiyoda-ku, Tokyo 100-8220 (JP)
  • Toyoshima, Hisashi, Hitachi,Ltd., Int.Prop.Group
    Chiyoda-ku, Tokyo 100-8220 (JP)

(74) Representative: Strehl Schübel-Hopf & Partner 
Maximilianstrasse 54
80538 München
80538 München (DE)

   


(54) System and method for authentication


(57) A system that can reduce possibility of outflow of private information in authentication of a user of an information terminal. A management apparatus has a user certificate DB in which a user certificate is registered in association with certificate identification information. Further, the management apparatus reads the user certificate associated with the certificate identification information sent from a service providing apparatus, from the user certificate DB, and judges whether the user certificate satisfies certain Web browsing conditions, to determine approval or denial of browsing the Web page concerned. Then, the management apparatus sends the service providing apparatus approval or denial information indicating the determination result. On the other hand, the service providing apparatus receives the certificate identification information from the information terminal, sends the certificate identification information to the management apparatus, and acquires the approval or denial information from the management apparatus. When the acquired approval or denial information indicates permission to browse the Web page, the service providing apparatus permits the information terminal to browse the Web page.






Search report